using Arduino IDE 2.0.1 (and 2.0.3) failed while trying to upload a certificate on my MKR WiFi 1010 ECCX508. I used the method as described in: https://docs.arduino.cc/software/ide-v2/tutorials/ide-v2-fw-cert-uploader.
The firmware update (to 1.5.0) was fine but the certificate upload failed fo reither arduino.cc or google.com as can be seen from the screenshot:
Any idea?
Do I eventually need to register myself for certificate download at google.com or any other certificate issuer?
If the "Upload SSL Root Certificates" dialog is still open, click the X icon at the top right corner of the dialog to close it.
Now check to see whether there is a "Serial Monitor" tab in the bottom panel of the Arduino IDE window:
If there is a "Serial Monitor" tab there, hover the mouse pointer over the tab, then click the X icon that appears:
After closing Serial Monitor, you should be able to successfully update the SSL certificate by repeating the same process you tried before when you got that "Upload failed" error.
Please let me know if that doesn't solve the problem and I'll see if I can find another possible fix for the problem.
thanks for your immediate response. Yes disconnecting from the serial port works! Good suggestion to be added to the tutorial for all those who try to load a certificate using the 2.0-IDE with an open sketch that uses the serial monitor.
This is a bug being tracked by the Arduino IDE developers here:
Ideally the bug would just be fixed so the user isn't responsible for any additional steps in order to upload a certificate. But I do agree that the current situation is a poor user experience. Many of us have Serial Monitor open most of the time while using Arduino IDE and we have come to expect that the IDE will automagically handle the port so that Serial Monitor doesn't interfere with its other uses of the port such as uploading a certificate to the board.
Hi ptilisch
I hope that I have successfully installation a certificate on dedicated encryption chip of my MKR WiFI 1010 but finally I'm not sure because I tried to run the tutorial
But this failed probably due to a missing public certificate on either the AWS or my Arduino site.
This was not easy and a little error prone because the AWS website change its API with respect to the tutorial and the Arduino team told me that a tutorial update is not planned. So I hope to get help here:
My understanding of SSL/TLS is that both sides (AWS and my MKR-WiFi encryption chip) require both a private and a public key (=certificate?).
To run the tutorial I have to do 2 things: first I have to provide my public certificate to the AWS website and secondly I have to receive the AWS public certificate and store this into the MKR encryption chip in one if 4 places (please correct me if I'm wrong).
What I did:
1.
In the Arduino IDE I successfully run Tools->Upload SSL Root certificate (which downloads (from either ardiono.cc or google.com) my private certificate on the ECCX08 chip, correct?)
2.
I generated my public certificate (in one of 5 slots) using File->Examples->ArduinoECCX08->ECCX08SR. This printed my public ocertificate on the Serial Monitor. I saved it to a file. It was enclosed in --BEGIN CERTIFICATE -- -- END CERTIFICATE-- brackets (correct)
3.
Now i logged in to the AWS website and selected Upload CSR as can bee seen below:
My understanding is that I now sent my public certificate to the AWS website (is this correct?)
4.
The AWS website responded with "you successfully cretaed certiicate as can be seen below:
During the generation method of my "Thing" I was asked to activate my certificate which I did:
I understand this to be the AWS public key (correct?)
If I understood all steps before correctly I am asking how to select the AWS public key on use it on my Arduino? Should it eventually be the const char SECRET_CERTIFICATE[] of my arduino_secrets.h that is part of my MQTT-sketch?
Finally I could solve the problem by myself: As expected the problem is the localization and storage of the AWS certificate: login to your AWS account, select IoT core. Select Manage-> Security-> Certificates. Select your already prepared certificate. If not yet activated: select Actions->Activate Next select Actions->Download. The AWS public certificate will be downloaded to your download folder. Rename it to *. txt and open a text editor with the *.txt file. Copy the content between
---- BEGIN CERTIFICATE---- and ----END CERTIFICATE---- into the arduino_secrets.h which is being generated if you run the Arduino tutorial. Don't forget to define the SECRET_SSID and SECRET_PASS. Also add the SECRET_BROKER with your private link to your AWS account.
Save, compile, upload and run the sketch. After a minute observe the Serial poutput with "Publishing message"
Return to your AWS session, select Test->MQTT test client.
Select Publish to a Topic, select arduino/incoming as a topic and press Publish
Shortly afterwards the text message in the Message paylod window should show up
In the Arduino Serial Monitor
Upon selectiung Subscribe to a topic, entering arduino/outgoing and pressing Subscribe you should see a sequence of "hello xxxxx" messages in the AWS arduino/outgioing window. Those have been generated by the AWS IoT tutorial sketch.